npm - mppx - Versions diffs - 0.7.0 → 0.8.1 - Mend

mppx 0.7.0 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (290) hide show

package/CHANGELOG.md +41 -0
package/README.md +20 -11
package/dist/Challenge.d.ts.map +1 -1
package/dist/Challenge.js +18 -6
package/dist/Challenge.js.map +1 -1
package/dist/Mcp.d.ts +3 -0
package/dist/Mcp.d.ts.map +1 -1
package/dist/Mcp.js +2 -0
package/dist/Mcp.js.map +1 -1
package/dist/PaymentRequest.d.ts +10 -10
package/dist/PaymentRequest.js +8 -8
package/dist/cli/internal.d.ts +1 -0
package/dist/cli/internal.d.ts.map +1 -1
package/dist/cli/internal.js +1 -15
package/dist/cli/internal.js.map +1 -1
package/dist/client/Mppx.js +2 -2
package/dist/client/Mppx.js.map +1 -1
package/dist/client/Transport.d.ts +11 -16
package/dist/client/Transport.d.ts.map +1 -1
package/dist/client/Transport.js +55 -75
package/dist/client/Transport.js.map +1 -1
package/dist/client/index.d.ts +3 -0
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +1 -0
package/dist/client/index.js.map +1 -1
package/dist/client/internal/Fetch.d.ts.map +1 -1
package/dist/client/internal/Fetch.js +46 -7
package/dist/client/internal/Fetch.js.map +1 -1
package/dist/client/internal/protocols/Mcp.d.ts +7 -0
package/dist/client/internal/protocols/Mcp.d.ts.map +1 -0
package/dist/client/internal/protocols/Mcp.js +159 -0
package/dist/client/internal/protocols/Mcp.js.map +1 -0
package/dist/client/internal/protocols/Mpp.d.ts +4 -0
package/dist/client/internal/protocols/Mpp.d.ts.map +1 -0
package/dist/client/internal/protocols/Mpp.js +18 -0
package/dist/client/internal/protocols/Mpp.js.map +1 -0
package/dist/client/internal/protocols/Protocol.d.ts +10 -0
package/dist/client/internal/protocols/Protocol.d.ts.map +1 -0
package/dist/client/internal/protocols/Protocol.js +2 -0
package/dist/client/internal/protocols/Protocol.js.map +1 -0
package/dist/client/internal/protocols/Shared.d.ts +5 -0
package/dist/client/internal/protocols/Shared.d.ts.map +1 -0
package/dist/client/internal/protocols/Shared.js +20 -0
package/dist/client/internal/protocols/Shared.js.map +1 -0
package/dist/client/internal/protocols/X402.d.ts +8 -0
package/dist/client/internal/protocols/X402.d.ts.map +1 -0
package/dist/client/internal/protocols/X402.js +39 -0
package/dist/client/internal/protocols/X402.js.map +1 -0
package/dist/evm/client/index.d.ts +1 -0
package/dist/evm/client/index.d.ts.map +1 -1
package/dist/evm/client/index.js +1 -0
package/dist/evm/client/index.js.map +1 -1
package/dist/evm/index.d.ts +2 -0
package/dist/evm/index.d.ts.map +1 -1
package/dist/evm/index.js +2 -0
package/dist/evm/index.js.map +1 -1
package/dist/evm/server/index.d.ts +1 -0
package/dist/evm/server/index.d.ts.map +1 -1
package/dist/evm/server/index.js +1 -0
package/dist/evm/server/index.js.map +1 -1
package/dist/mcp/client/McpClient.d.ts +101 -0
package/dist/mcp/client/McpClient.d.ts.map +1 -0
package/dist/mcp/client/McpClient.js +162 -0
package/dist/mcp/client/McpClient.js.map +1 -0
package/dist/mcp/client/index.d.ts.map +1 -0
package/dist/mcp/client/index.js.map +1 -0
package/dist/mcp/server/Transport.d.ts.map +1 -0
package/dist/mcp/server/Transport.js.map +1 -0
package/dist/mcp/server/index.d.ts.map +1 -0
package/dist/mcp/server/index.js.map +1 -0
package/dist/server/Mppx.d.ts +1 -1
package/dist/server/Mppx.d.ts.map +1 -1
package/dist/server/Mppx.js +9 -0
package/dist/server/Mppx.js.map +1 -1
package/dist/server/Transport.d.ts +1 -1
package/dist/server/Transport.d.ts.map +1 -1
package/dist/server/Transport.js +1 -1
package/dist/server/Transport.js.map +1 -1
package/dist/stripe/server/internal/html.gen.d.ts +1 -1
package/dist/stripe/server/internal/html.gen.d.ts.map +1 -1
package/dist/stripe/server/internal/html.gen.js +1 -1
package/dist/stripe/server/internal/html.gen.js.map +1 -1
package/dist/tempo/Proof.d.ts +85 -1
package/dist/tempo/Proof.d.ts.map +1 -1
package/dist/tempo/Proof.js +35 -0
package/dist/tempo/Proof.js.map +1 -1
package/dist/tempo/client/Charge.d.ts +13 -1
package/dist/tempo/client/Charge.d.ts.map +1 -1
package/dist/tempo/client/Charge.js +38 -25
package/dist/tempo/client/Charge.js.map +1 -1
package/dist/tempo/client/Methods.d.ts +5 -3
package/dist/tempo/client/Methods.d.ts.map +1 -1
package/dist/tempo/client/Methods.js +4 -2
package/dist/tempo/client/Methods.js.map +1 -1
package/dist/tempo/client/ResolveAccount.d.ts +40 -0
package/dist/tempo/client/ResolveAccount.d.ts.map +1 -0
package/dist/tempo/client/ResolveAccount.js +2 -0
package/dist/tempo/client/ResolveAccount.js.map +1 -0
package/dist/tempo/internal/fee-payer.d.ts +26 -1
package/dist/tempo/internal/fee-payer.d.ts.map +1 -1
package/dist/tempo/internal/fee-payer.js +83 -30
package/dist/tempo/internal/fee-payer.js.map +1 -1
package/dist/tempo/internal/proof.d.ts +71 -5
package/dist/tempo/internal/proof.d.ts.map +1 -1
package/dist/tempo/internal/proof.js +42 -6
package/dist/tempo/internal/proof.js.map +1 -1
package/dist/tempo/legacy/client/SessionManager.d.ts.map +1 -1
package/dist/tempo/legacy/client/SessionManager.js +10 -3
package/dist/tempo/legacy/client/SessionManager.js.map +1 -1
package/dist/tempo/server/Charge.d.ts.map +1 -1
package/dist/tempo/server/Charge.js +46 -18
package/dist/tempo/server/Charge.js.map +1 -1
package/dist/tempo/server/Methods.d.ts +4 -2
package/dist/tempo/server/Methods.d.ts.map +1 -1
package/dist/tempo/server/Methods.js +4 -2
package/dist/tempo/server/Methods.js.map +1 -1
package/dist/tempo/server/Subscription.d.ts +10 -0
package/dist/tempo/server/Subscription.d.ts.map +1 -1
package/dist/tempo/server/Subscription.js +135 -23
package/dist/tempo/server/Subscription.js.map +1 -1
package/dist/tempo/server/internal/html.gen.d.ts +1 -1
package/dist/tempo/server/internal/html.gen.d.ts.map +1 -1
package/dist/tempo/server/internal/html.gen.js +1 -1
package/dist/tempo/server/internal/html.gen.js.map +1 -1
package/dist/tempo/session/client/ChannelOps.d.ts +2 -3
package/dist/tempo/session/client/ChannelOps.d.ts.map +1 -1
package/dist/tempo/session/client/ChannelOps.js +7 -10
package/dist/tempo/session/client/ChannelOps.js.map +1 -1
package/dist/tempo/session/client/ChannelStore.d.ts +51 -0
package/dist/tempo/session/client/ChannelStore.d.ts.map +1 -0
package/dist/tempo/session/client/ChannelStore.js +63 -0
package/dist/tempo/session/client/ChannelStore.js.map +1 -0
package/dist/tempo/session/client/CredentialState.d.ts +7 -24
package/dist/tempo/session/client/CredentialState.d.ts.map +1 -1
package/dist/tempo/session/client/CredentialState.js +51 -49
package/dist/tempo/session/client/CredentialState.js.map +1 -1
package/dist/tempo/session/client/Session.d.ts +8 -2
package/dist/tempo/session/client/Session.d.ts.map +1 -1
package/dist/tempo/session/client/Session.js +22 -8
package/dist/tempo/session/client/Session.js.map +1 -1
package/dist/tempo/session/client/SessionManager.d.ts +4 -40
package/dist/tempo/session/client/SessionManager.d.ts.map +1 -1
package/dist/tempo/session/client/SessionManager.js +124 -174
package/dist/tempo/session/client/SessionManager.js.map +1 -1
package/dist/tempo/session/client/index.d.ts +3 -4
package/dist/tempo/session/client/index.d.ts.map +1 -1
package/dist/tempo/session/client/index.js +1 -0
package/dist/tempo/session/client/index.js.map +1 -1
package/dist/tempo/session/precompile/Voucher.d.ts +3 -3
package/dist/tempo/session/precompile/Voucher.d.ts.map +1 -1
package/dist/tempo/session/precompile/Voucher.js +24 -25
package/dist/tempo/session/precompile/Voucher.js.map +1 -1
package/dist/tempo/session/server/CredentialVerification.d.ts +6 -0
package/dist/tempo/session/server/CredentialVerification.d.ts.map +1 -1
package/dist/tempo/session/server/CredentialVerification.js +13 -0
package/dist/tempo/session/server/CredentialVerification.js.map +1 -1
package/dist/tempo/session/server/Settlement.d.ts.map +1 -1
package/dist/tempo/session/server/Settlement.js +4 -2
package/dist/tempo/session/server/Settlement.js.map +1 -1
package/dist/tempo/session/server/Sse.d.ts.map +1 -1
package/dist/tempo/session/server/Sse.js.map +1 -1
package/dist/tempo/session/server/Ws.d.ts.map +1 -1
package/dist/tempo/session/server/Ws.js.map +1 -1
package/dist/tempo/subscription/KeyAuthorization.d.ts +712 -1
package/dist/tempo/subscription/KeyAuthorization.d.ts.map +1 -1
package/dist/tempo/subscription/Store.d.ts +2 -0
package/dist/tempo/subscription/Store.d.ts.map +1 -1
package/dist/tempo/subscription/Store.js +16 -1
package/dist/tempo/subscription/Store.js.map +1 -1
package/dist/x402/index.d.ts +1 -0
package/dist/x402/index.d.ts.map +1 -1
package/dist/x402/index.js +1 -0
package/dist/x402/index.js.map +1 -1
package/package.json +21 -10
package/src/Challenge.test.ts +40 -0
package/src/Challenge.ts +19 -6
package/src/Mcp.ts +4 -0
package/src/PaymentRequest.ts +10 -10
package/src/cli/cli.test.ts +15 -15
package/src/cli/config.test.ts +13 -7
package/src/cli/internal.ts +1 -16
package/src/client/Mppx.test-d.ts +21 -1
package/src/client/Mppx.test.ts +1 -1
package/src/client/Mppx.ts +2 -2
package/src/client/Transport.test.ts +225 -178
package/src/client/Transport.ts +77 -83
package/src/client/index.ts +14 -0
package/src/client/internal/Fetch.test.ts +207 -2
package/src/client/internal/Fetch.ts +52 -6
package/src/client/internal/protocols/Mcp.test.ts +220 -0
package/src/client/internal/protocols/Mcp.ts +162 -0
package/src/client/internal/protocols/Mpp.ts +21 -0
package/src/client/internal/protocols/Protocol.ts +10 -0
package/src/client/internal/protocols/Shared.ts +25 -0
package/src/client/internal/protocols/X402.ts +42 -0
package/src/discovery/OpenApi.test.ts +1 -1
package/src/evm/PublicInterface.test-d.ts +1 -1
package/src/evm/client/index.ts +1 -0
package/src/evm/index.ts +2 -0
package/src/evm/server/Charge.test.ts +1 -1
package/src/evm/server/index.ts +1 -0
package/src/{mcp-sdk → mcp}/client/McpClient.integration.test.ts +10 -4
package/src/{mcp-sdk → mcp}/client/McpClient.test-d.ts +45 -18
package/src/{mcp-sdk → mcp}/client/McpClient.test.ts +211 -5
package/src/mcp/client/McpClient.ts +307 -0
package/src/{mcp-sdk → mcp}/client/McpClient.unit.test.ts +9 -5
package/src/middlewares/elysia.test.ts +1 -1
package/src/middlewares/express.test.ts +1 -1
package/src/middlewares/hono.test.ts +1 -1
package/src/middlewares/internal/mppx.test.ts +1 -1
package/src/middlewares/nextjs.test.ts +1 -1
package/src/proxy/Proxy.test.ts +1 -1
package/src/proxy/services/anthropic.test.ts +1 -1
package/src/proxy/services/openai.test.ts +1 -1
package/src/proxy/services/stripe.test.ts +1 -1
package/src/server/Mppx.authorize.test.ts +1 -1
package/src/server/Mppx.test-d.ts +1 -1
package/src/server/Mppx.test.ts +20 -2
package/src/server/Mppx.ts +14 -1
package/src/server/Transport.test.ts +6 -6
package/src/server/Transport.ts +1 -1
package/src/stripe/Charge.integration.test.ts +1 -1
package/src/stripe/client/Charge.test.ts +1 -1
package/src/stripe/server/Charge.test.ts +1 -1
package/src/stripe/server/internal/html/package.json +1 -1
package/src/stripe/server/internal/html.gen.ts +1 -1
package/src/tempo/Proof.conformance.test.ts +146 -0
package/src/tempo/Proof.test-d.ts +15 -0
package/src/tempo/Proof.ts +52 -1
package/src/tempo/Subscription.integration.test.ts +1 -1
package/src/tempo/client/Charge.test.ts +173 -0
package/src/tempo/client/Charge.ts +65 -36
package/src/tempo/client/Methods.ts +4 -2
package/src/tempo/client/ResolveAccount.ts +46 -0
package/src/tempo/internal/fee-payer.test.ts +89 -10
package/src/tempo/internal/fee-payer.ts +128 -41
package/src/tempo/internal/proof.test.ts +12 -4
package/src/tempo/internal/proof.ts +55 -6
package/src/tempo/legacy/client/SessionManager.ts +11 -3
package/src/tempo/legacy/server/Session.test.ts +91 -26
package/src/tempo/server/Charge.test.ts +388 -17
package/src/tempo/server/Charge.ts +50 -24
package/src/tempo/server/Methods.ts +4 -2
package/src/tempo/server/Subscription.test.ts +465 -3
package/src/tempo/server/Subscription.ts +174 -19
package/src/tempo/server/internal/html/package.json +2 -2
package/src/tempo/server/internal/html.gen.ts +1 -1
package/src/tempo/session/client/ChannelOps.ts +5 -19
package/src/tempo/session/client/ChannelStore.ts +111 -0
package/src/tempo/session/client/CredentialState.test.ts +206 -62
package/src/tempo/session/client/CredentialState.ts +58 -73
package/src/tempo/session/client/Session.test.ts +41 -1
package/src/tempo/session/client/Session.ts +36 -10
package/src/tempo/session/client/SessionManager.test.ts +154 -65
package/src/tempo/session/client/SessionManager.ts +141 -235
package/src/tempo/session/client/index.ts +8 -5
package/src/tempo/session/precompile/Voucher.test.ts +45 -7
package/src/tempo/session/precompile/Voucher.ts +27 -25
package/src/tempo/session/server/CredentialVerification.test.ts +36 -0
package/src/tempo/session/server/CredentialVerification.ts +18 -0
package/src/tempo/session/server/Session.test.ts +4 -4
package/src/tempo/session/server/Settlement.test.ts +88 -1
package/src/tempo/session/server/Settlement.ts +2 -1
package/src/tempo/session/server/Sse.ts +0 -2
package/src/tempo/session/server/Ws.ts +0 -4
package/src/tempo/subscription/Store.ts +27 -9
package/src/x402/Exact.e2e.test.ts +1 -1
package/src/x402/PublicInterface.test-d.ts +1 -1
package/src/x402/index.ts +1 -0
package/dist/mcp-sdk/client/McpClient.d.ts +0 -85
package/dist/mcp-sdk/client/McpClient.d.ts.map +0 -1
package/dist/mcp-sdk/client/McpClient.js +0 -118
package/dist/mcp-sdk/client/McpClient.js.map +0 -1
package/dist/mcp-sdk/client/index.d.ts.map +0 -1
package/dist/mcp-sdk/client/index.js.map +0 -1
package/dist/mcp-sdk/server/Transport.d.ts.map +0 -1
package/dist/mcp-sdk/server/Transport.js.map +0 -1
package/dist/mcp-sdk/server/index.d.ts.map +0 -1
package/dist/mcp-sdk/server/index.js.map +0 -1
package/src/mcp-sdk/client/McpClient.ts +0 -228
/package/dist/{mcp-sdk → mcp}/client/index.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/client/index.js +0 -0
/package/dist/{mcp-sdk → mcp}/server/Transport.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/server/Transport.js +0 -0
/package/dist/{mcp-sdk → mcp}/server/index.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/server/index.js +0 -0
/package/src/{mcp-sdk → mcp}/client/index.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/Transport.test.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/Transport.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/index.ts +0 -0

package/src/tempo/internal/fee-payer.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import { Secp256k1 } from 'ox'
 import type { TempoAddress } from 'ox/tempo'
 import { TxEnvelopeTempo } from 'ox/tempo'
 import type { Hex } from 'viem'
@@ -173,13 +174,29 @@ function hostedFeePayerRequest(transaction: SponsoredTransaction) {
  * Co-signs a sender-signed partial sponsorship envelope using a hosted
  * fee-payer endpoint without letting the endpoint mutate sender-committed
  * transaction fields.
+ *
+ * @returns The serialized co-signed transaction plus the sponsor's recovered
+ *   `feePayer` address and chosen `feeToken`, so callers can pre-broadcast
+ *   simulate the exact transaction the sponsor broadcasts.
  */
 export async function fillHostedFeePayerTransaction(parameters: {
   allowedFeeTokens: readonly TempoAddress.Address[]
+  challengeExpires?: string | undefined
+  chainId: number
+  details: Record<string, string>
+  policy?: Partial<Policy> | undefined
   transaction: SponsoredTransaction
   url: string
 }) {
-  const { allowedFeeTokens, transaction, url } = parameters
+  const { allowedFeeTokens, challengeExpires, chainId, details, policy, transaction, url } =
+    parameters
+  assertTransactionPolicy({
+    challengeExpires,
+    chainId,
+    details,
+    policy,
+    transaction,
+  })
   const response = await fetch(url, {
     body: JSON.stringify(
       {
@@ -207,12 +224,43 @@ export async function fillHostedFeePayerTransaction(parameters: {
   assertAllowedFeeToken({ feeToken: filled.feeToken }, allowedFeeTokens)
-  return Transaction.serialize({
-    ...transaction,
-    feePayer: true,
-    feePayerSignature: filled.feePayerSignature,
-    feeToken: filled.feeToken,
-  } as never)
+  const feePayerSignature = filled.feePayerSignature
+  const feeToken = filled.feeToken
+  // Recover the concrete sponsor address so the simulation can use a concrete
+  // `feePayer` (the node rejects `eth_call` with `feePayer: true`).
+  const feePayer = (() => {
+    try {
+      return Secp256k1.recoverAddress({
+        payload: TxEnvelopeTempo.getFeePayerSignPayload(
+          TxEnvelopeTempo.from({
+            ...transaction,
+            feePayerSignature: undefined,
+            feeToken,
+            signature: undefined,
+          } as never),
+          { sender: transaction.from as never },
+        ),
+        signature: feePayerSignature as never,
+      })
+    } catch {
+      throw new FeePayerValidationError(
+        'hosted fee payer returned an invalid feePayerSignature',
+        {},
+      )
+    }
+  })()
+  return {
+    feePayer,
+    feeToken,
+    serializedTransaction: await Transaction.serialize({
+      ...transaction,
+      feePayer: true,
+      feePayerSignature,
+      feeToken,
+    } as never),
+  }
 }
 /** Returns a transaction shape suitable for pre-broadcast simulation. */
@@ -397,9 +445,8 @@ export function validateCalls(
   }
 }
-export function prepareSponsoredTransaction(parameters: {
-  account: Account
-  allowedFeeTokens?: readonly TempoAddress.Address[] | undefined
+/** Validates sponsor fee policy limits for a fee-payer transaction. */
+export function assertTransactionPolicy(parameters: {
   challengeExpires?: string | undefined
   chainId: number
   details: Record<string, string>
@@ -408,8 +455,6 @@ export function prepareSponsoredTransaction(parameters: {
   transaction: SponsoredTransaction
 }) {
   const {
-    account,
-    allowedFeeTokens,
     challengeExpires,
     chainId,
     details,
@@ -418,22 +463,12 @@ export function prepareSponsoredTransaction(parameters: {
     transaction,
   } = parameters
   const policy = getPolicy(chainId, policyOverrides)
-  const transactionRecord = transaction as Record<string, unknown>
   const {
-    accessList,
-    calls,
     chainId: transactionChainId,
-    feeToken,
-    from,
     gas,
-    keyAuthorization,
     maxFeePerGas,
     maxPriorityFeePerGas,
-    nonce,
     nonceKey,
-    signature,
-    validAfter,
     validBefore,
   } = transaction
@@ -441,25 +476,6 @@ export function prepareSponsoredTransaction(parameters: {
     throw new FeePayerValidationError(reason, { ...details, ...extra })
   }
-  const unsupportedKeys = Object.entries(transaction).flatMap(([key, value]) => {
-    if (value === undefined) return []
-    if (supportedTransactionKeys.has(key)) return []
-    return [key]
-  })
-  if (unsupportedKeys.length > 0)
-    fail('fee-sponsored transaction contains unsupported fields', {
-      unsupportedFields: unsupportedKeys.join(', '),
-    })
-  const rejectedKeys = rejectedTransactionKeys.filter((key) => {
-    const value = transactionRecord[key]
-    return value !== undefined && value !== null
-  })
-  if (rejectedKeys.length > 0)
-    fail('fee-sponsored transaction contains rejected fields', {
-      rejectedFields: rejectedKeys.join(', '),
-    })
   if (transaction.type !== undefined && transaction.type !== 'tempo')
     fail('fee-sponsored transaction type is invalid', {
       type: String(transaction.type),
@@ -526,6 +542,77 @@ export function prepareSponsoredTransaction(parameters: {
       validBefore: String(validBeforeValue),
     })
+  return { gasLimit, maxFeePerGasValue, validBeforeValue }
+}
+export function prepareSponsoredTransaction(parameters: {
+  account: Account
+  allowedFeeTokens?: readonly TempoAddress.Address[] | undefined
+  challengeExpires?: string | undefined
+  chainId: number
+  details: Record<string, string>
+  now?: Date | undefined
+  policy?: Partial<Policy> | undefined
+  transaction: SponsoredTransaction
+}) {
+  const {
+    account,
+    allowedFeeTokens,
+    challengeExpires,
+    chainId,
+    details,
+    now = new Date(),
+    policy: policyOverrides,
+    transaction,
+  } = parameters
+  const transactionRecord = transaction as Record<string, unknown>
+  const {
+    accessList,
+    calls,
+    chainId: transactionChainId,
+    feeToken,
+    from,
+    keyAuthorization,
+    maxPriorityFeePerGas,
+    nonce,
+    nonceKey,
+    signature,
+    validAfter,
+  } = transaction
+  const fail = (reason: string, extra: Record<string, string> = {}) => {
+    throw new FeePayerValidationError(reason, { ...details, ...extra })
+  }
+  const unsupportedKeys = Object.entries(transaction).flatMap(([key, value]) => {
+    if (value === undefined) return []
+    if (supportedTransactionKeys.has(key)) return []
+    return [key]
+  })
+  if (unsupportedKeys.length > 0)
+    fail('fee-sponsored transaction contains unsupported fields', {
+      unsupportedFields: unsupportedKeys.join(', '),
+    })
+  const rejectedKeys = rejectedTransactionKeys.filter((key) => {
+    const value = transactionRecord[key]
+    return value !== undefined && value !== null
+  })
+  if (rejectedKeys.length > 0)
+    fail('fee-sponsored transaction contains rejected fields', {
+      rejectedFields: rejectedKeys.join(', '),
+    })
+  const { gasLimit, maxFeePerGasValue, validBeforeValue } = assertTransactionPolicy({
+    challengeExpires,
+    chainId,
+    details,
+    now,
+    policy: policyOverrides,
+    transaction,
+  })
   const normalizedFeeToken = (() => {
     if (feeToken === undefined) return undefined
     if (typeof feeToken !== 'string') fail('fee-sponsored transaction feeToken is invalid')

package/src/tempo/internal/proof.test.ts CHANGED Viewed

@@ -44,9 +44,10 @@ const parsePkhSourceCases = [
 ] as const
 describe('Proof', () => {
-  test('types has Proof with challengeId and realm fields', () => {
+  test('types has Proof with account, challengeId and realm fields', () => {
     expect(Proof.types).toEqual({
       Proof: [
+        { name: 'account', type: 'address' },
         { name: 'challengeId', type: 'string' },
         { name: 'realm', type: 'string' },
       ],
@@ -55,7 +56,7 @@ describe('Proof', () => {
   test('domain returns EIP-712 domain with name, version, chainId', () => {
     const d = Proof.domain(42431)
-    expect(d).toEqual({ name: 'MPP', version: '2', chainId: 42431 })
+    expect(d).toEqual({ name: 'MPP', version: '3', chainId: 42431 })
   })
   test('domain uses provided chainId', () => {
@@ -63,8 +64,15 @@ describe('Proof', () => {
     expect(Proof.domain(99999).chainId).toBe(99999)
   })
-  test('message wraps challengeId and realm', () => {
-    expect(Proof.message('abc123', 'api.example.com')).toEqual({
+  test('message wraps account, challengeId and realm', () => {
+    expect(
+      Proof.message({
+        account: '0xAbCdEf1234567890AbCdEf1234567890AbCdEf12',
+        challengeId: 'abc123',
+        realm: 'api.example.com',
+      }),
+    ).toEqual({
+      account: '0xAbCdEf1234567890AbCdEf1234567890AbCdEf12',
       challengeId: 'abc123',
       realm: 'api.example.com',
     })

package/src/tempo/internal/proof.ts CHANGED Viewed

@@ -1,8 +1,18 @@
-import { isAddress, type Address } from 'viem'
+import { hashTypedData, isAddress, type Address, type Hex } from 'viem'
-/** EIP-712 typed data types for proof credentials. */
+/** EIP-712 primary type for proof credentials. */
+export const primaryType = 'Proof' as const
+/**
+ * EIP-712 typed-data field definitions for Tempo zero-amount proof credentials.
+ *
+ * The `account` field cryptographically binds the signature to the payer
+ * wallet, so a proof signed for one account cannot be replayed against another
+ * — including across an access key that is authorized for multiple accounts.
+ */
 export const types = {
   Proof: [
+    { name: 'account', type: 'address' },
     { name: 'challengeId', type: 'string' },
     { name: 'realm', type: 'string' },
   ],
@@ -10,12 +20,51 @@ export const types = {
 /** Constructs the EIP-712 domain for a proof credential. */
 export function domain(chainId: number) {
-  return { name: 'MPP', version: '2', chainId } as const
+  return { name: 'MPP', version: '3', chainId } as const
+}
+/**
+ * Constructs the EIP-712 message for a proof credential.
+ *
+ * @param parameters - Proof message parameters.
+ * @param parameters.account - Payer wallet address the proof is bound to.
+ * @param parameters.challengeId - Challenge `id` being proven.
+ * @param parameters.realm - Challenge `realm` being proven.
+ */
+export function message(parameters: { account: Address; challengeId: string; realm: string }) {
+  const { account, challengeId, realm } = parameters
+  return { account, challengeId, realm } as const
+}
+/**
+ * Constructs the complete EIP-712 typed-data payload for a proof credential.
+ *
+ * This is the canonical, wallet-bound proof contract: signing this payload
+ * commits the signer to a specific `account`, `challengeId`, and `realm`.
+ */
+export function typedData(parameters: {
+  account: Address
+  chainId: number
+  challengeId: string
+  realm: string
+}) {
+  const { account, chainId, challengeId, realm } = parameters
+  return {
+    domain: domain(chainId),
+    types,
+    primaryType,
+    message: message({ account, challengeId, realm }),
+  } as const
 }
-/** Constructs the EIP-712 message for a proof credential. */
-export function message(challengeId: string, realm: string) {
-  return { challengeId, realm } as const
+/** Computes the EIP-712 digest (signing payload) for a proof credential. */
+export function hash(parameters: {
+  account: Address
+  chainId: number
+  challengeId: string
+  realm: string
+}): Hex {
+  return hashTypedData(typedData(parameters))
 }
 /** Constructs the expected `did:pkh` source DID for a proof credential. */

package/src/tempo/legacy/client/SessionManager.ts CHANGED Viewed

@@ -127,6 +127,7 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
   let channel: ChannelEntry | null = null
   let lastChallenge: Challenge.Challenge | null = null
   let lastUrl: RequestInfo | URL | null = null
+  let acceptedCumulative = 0n
   let spent = 0n
   let activeSocketChallenge: Challenge.Challenge | null = null
   let activeSocketChannelId: Hex.Hex | null = null
@@ -146,7 +147,10 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
     decimals: parameters.decimals,
     maxDeposit: parameters.maxDeposit,
     onChannelUpdate(entry) {
-      if (entry.channelId !== channel?.channelId) spent = 0n
+      if (entry.channelId !== channel?.channelId) {
+        acceptedCumulative = 0n
+        spent = 0n
+      }
       channel = entry
     },
   })
@@ -164,7 +168,10 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
   function updateSpentFromReceipt(receipt: SessionReceipt | null | undefined) {
     if (!receipt || receipt.channelId !== channel?.channelId) return
     assertReceiptWithinLocalState(receipt)
+    const nextAcceptedCumulative = BigInt(receipt.acceptedCumulative)
     const next = BigInt(receipt.spent)
+    acceptedCumulative =
+      acceptedCumulative > nextAcceptedCumulative ? acceptedCumulative : nextAcceptedCumulative
     spent = spent > next ? spent : next
   }
@@ -253,8 +260,9 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
       return (bestSpent > cumulative ? cumulative : bestSpent).toString()
     }
-    // SSE/HTTP: spent is kept in sync by inline receipts, use it directly.
-    return spent.toString()
+    // Some legacy servers report receipt.spent as a per-request delta while
+    // still requiring close at the highest accepted cumulative voucher.
+    return (spent > acceptedCumulative ? spent : acceptedCumulative).toString()
   }
   function assertVoucherWithinLocalLimit(cumulativeAmount: bigint) {

package/src/tempo/legacy/server/Session.test.ts CHANGED Viewed

@@ -123,7 +123,7 @@ describe.runIf(isLocalnet)('session', () => {
         } as session.Parameters),
       ],
       realm: 'api.example.com',
-      secretKey: 'secret',
+      secretKey: 'test-secret-key-test-secret-key-32',
     })
   }
@@ -3473,6 +3473,71 @@ describe.runIf(isLocalnet)('session', () => {
       expect(persisted?.finalized).toBe(true)
     })
+    test('sessionManager closes at accepted cumulative when HTTP receipt spent is per-request delta', async () => {
+      const handler = createHandler()
+      const route = handler.session({
+        amount: '1',
+        decimals: 6,
+        unitType: 'token',
+      })
+      let lastAcceptedCumulative = 0n
+      const fetch = async (input: RequestInfo | URL, init?: RequestInit) => {
+        const request = new Request(input, init)
+        const result = await route(request)
+        if (result.status === 402) return result.challenge
+        const response = result.withReceipt(new Response('ok'))
+        const receiptHeader = response.headers.get('Payment-Receipt')
+        if (!receiptHeader) return response
+        const receipt = deserializeSessionReceipt(receiptHeader)
+        if (
+          Credential.fromRequest<LegacySessionCredentialPayload>(request).payload?.action ===
+          'close'
+        ) {
+          return response
+        }
+        const acceptedCumulative = BigInt(receipt.acceptedCumulative)
+        const delta = acceptedCumulative - lastAcceptedCumulative
+        lastAcceptedCumulative = acceptedCumulative
+        return new Response(response.body, {
+          status: response.status,
+          statusText: response.statusText,
+          headers: {
+            'Payment-Receipt': serializeSessionReceipt({
+              ...receipt,
+              spent: delta.toString(),
+            }),
+          },
+        })
+      }
+      const manager = sessionManager({
+        account: payer,
+        client,
+        escrowContract,
+        fetch,
+        maxDeposit: '3',
+      })
+      const first = await manager.fetch('https://api.example.com/resource')
+      expect(first.status).toBe(200)
+      expect(first.receipt?.acceptedCumulative).toBe('1000000')
+      expect(first.receipt?.spent).toBe('1000000')
+      const second = await manager.fetch('https://api.example.com/resource')
+      expect(second.status).toBe(200)
+      expect(second.receipt?.acceptedCumulative).toBe('2000000')
+      expect(second.receipt?.spent).toBe('1000000')
+      const closeReceipt = await manager.close()
+      expect(closeReceipt?.status).toBe('success')
+      expect(closeReceipt?.acceptedCumulative).toBe('2000000')
+      expect(closeReceipt?.spent).toBe('2000000')
+    })
     test('sessionManager rejects receipts that exceed the locally signed voucher', async () => {
       const handler = createHandler()
       const route = handler.session({
@@ -4211,7 +4276,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const fetch = async (input: RequestInfo | URL, init?: RequestInit) => {
@@ -4253,7 +4318,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const fetch = async (input: RequestInfo | URL, init?: RequestInit) => {
@@ -4296,7 +4361,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const fetch = async (input: RequestInfo | URL, init?: RequestInit) => {
@@ -4347,7 +4412,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const fetch = async (input: RequestInfo | URL, init?: RequestInit) => {
@@ -4390,7 +4455,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       })
       const result = await handler.session({
@@ -4434,7 +4499,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       })
       const result = await handler.session({
@@ -4464,7 +4529,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       let voucherPosts = 0
@@ -4542,7 +4607,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'request' })
       let voucherPosts = 0
@@ -4627,7 +4692,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
@@ -4710,7 +4775,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       let voucherPosts = 0
@@ -4784,7 +4849,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const fetch = async (input: RequestInfo | URL, init?: RequestInit) => {
@@ -4825,7 +4890,7 @@ describe.runIf(isLocalnet)('session', () => {
       const handler = Mppx_server.create({
         methods: [tempo_server.charge({ account: accounts[0], currency: asset })],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       })
       const result = await handler.charge({
@@ -4855,7 +4920,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       let voucherUpdates = 0
@@ -4968,7 +5033,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       let voucherUpdates = 0
@@ -5081,7 +5146,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const route = (request: Request) => routeHandler(request)
@@ -5191,7 +5256,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const httpHandler = NodeRequest.toNodeListener(async (request) => {
@@ -5278,7 +5343,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const route = (request: Request) => routeHandler(request)
@@ -5371,7 +5436,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const httpHandler = NodeRequest.toNodeListener(async (request) => {
@@ -5480,7 +5545,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const route = (request: Request) => routeHandler(request)
@@ -5582,7 +5647,7 @@ describe.runIf(isLocalnet)('session', () => {
           }),
         ],
         realm: 'api.example.com',
-        secretKey: 'secret',
+        secretKey: 'test-secret-key-test-secret-key-32',
       }).session({ amount: '1', decimals: 6, unitType: 'token' })
       const httpHandler = NodeRequest.toNodeListener(async (request) => {
@@ -6041,7 +6106,7 @@ describe('session default currency resolution', () => {
         }),
       ],
       realm: 'api.example.com',
-      secretKey: 'secret',
+      secretKey: 'test-secret-key-test-secret-key-32',
     })
     const result = await (handler.session as Function)({
@@ -6067,7 +6132,7 @@ describe('session default currency resolution', () => {
         }),
       ],
       realm: 'api.example.com',
-      secretKey: 'secret',
+      secretKey: 'test-secret-key-test-secret-key-32',
     })
     const result = await (handler.session as Function)({
@@ -6094,7 +6159,7 @@ describe('session default currency resolution', () => {
         }),
       ],
       realm: 'api.example.com',
-      secretKey: 'secret',
+      secretKey: 'test-secret-key-test-secret-key-32',
     })
     const result = await (handler.session as Function)({
@@ -6122,7 +6187,7 @@ describe('session default currency resolution', () => {
         }),
       ],
       realm: 'api.example.com',
-      secretKey: 'secret',
+      secretKey: 'test-secret-key-test-secret-key-32',
     })
     const result = await handler.session({
@@ -6149,7 +6214,7 @@ describe('session default currency resolution', () => {
         }),
       ],
       realm: 'api.example.com',
-      secretKey: 'secret',
+      secretKey: 'test-secret-key-test-secret-key-32',
     })
     expect(() =>